54 matches found
CVE-2024-44944 netfilter: ctnetlink: use helper function to calculate expect ID
In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: use helper function to calculate expect ID Delete expectation path is missing a call to the nfexpectgetid helper function to calculate the expectation ID, otherwise LSB of the expectation object address is...
CVE-2024-33831
A stored cross-site scripting XSS vulnerability in the Advanced Expectation - Response module of yapi v1.10.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the body field...
CVE-2024-33831
A stored cross-site scripting XSS vulnerability in the Advanced Expectation - Response module of yapi v1.10.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the body field...
PT-2024-25502 · Yapi · Yapi
Name of the Vulnerable Software and Affected Versions: yapi version 1.10.2 Description: A stored cross-site scripting XSS vulnerability in the Advanced Expectation - Response module allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the body field...
CVE-2024-33831
CVE-2024-33831 describes a stored cross-site scripting (XSS) vulnerability in the Advanced Expectation - Response module of yapi v1.10.2 . The issue allows an attacker to inject a crafted payload into the body field , enabling execution of arbitrary web scripts or HTML in the victim’s browser. Co...
CVE-2024-33831
A stored cross-site scripting XSS vulnerability in the Advanced Expectation - Response module of yapi v1.10.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the body field...
CVE-2021-47129 netfilter: nft_ct: skip expectations for confirmed conntrack
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftct: skip expectations for confirmed conntrack nftctexpectobjeval calls nfctextadd for a confirmed conntrack entry. However, nfctextadd can only be called for !nfctisconfirmed. 1825.349056 WARNING: CPU: 0 PID: 1279 a...
CVE-2021-47129 netfilter: nft_ct: skip expectations for confirmed conntrack
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftct: skip expectations for confirmed conntrack nftctexpectobjeval calls nfctextadd for a confirmed conntrack entry. However, nfctextadd can only be called for !nfctisconfirmed. 1825.349056 WARNING: CPU: 0 PID: 1279 a...
CVE-2023-32322 Arbitrary file read in Ombi
Ombi is an open source application which allows users to request specific media from popular self-hosted streaming servers. Versions prior to 4.38.2 contain an arbitrary file read vulnerability where an Ombi administrative user may access files available to the Ombi server process on the host...
greatexpectation.com.au Cross Site Scripting vulnerability OBB-2384909
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Media Acceleration Enhances Online Experiences for OTT Video, Games and Software Downloads
Online audiences are growing and so are their expectations for the quality of experience. You know exactly what I mean if you've ever been frustrated with the rate at which a game is downloading or if your video stalls at the most inopportune time. Online streaming is no longer novel, it's the...
HTTPS Available as Opt-In for Blogspot
Google said on Wednesday it has made HTTPS available as an opt-in for its Blogspot publishing service. Google and other technology providers have been ramping up encryption rollouts in the two years since the publication of the Snowden documents began. To date, Google has encrypted Gmail, search,...
FTC Urges IoT Privacy, Security at Consumer Electronics Show
In her keynote address yesterday at the Consumer Electronics Show in Las Vegas, Federal Trade Commission Chairwoman Edith Ramirez imagined the dystopic convergence of big data conglomerates and a ceaseless information gathering machine fueled by the constant connectivity ushered in by the so-call...
Suit Filed Against NSA, Obama Over Surveillance Program
A group of people, including a former federal prosecutor and the parents of a Navy SEAL sniper killed in action, have filed a class-action law suit against the National Security Agency, Verizon and President Obama over the NSA’s collection of cell phone data. The suit says the order that enabled...